Cathay Pacific waited seven months to announce a data breach today

The big picture: Hong Kong-based airline Cathay Pacific Airlines announced on Wednesday that it had uncovered a breach of its information systems. It estimates that the data of as many as 9.4 million customers have been exposed. It did not mention that the unauthorized activity occurred in March of this year.

The international airline emailed customers urging them to change their passwords, even though in its announcement it said that no passwords were compromised.

“No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised,” said Cathay Pacific CEO Rupert Hogg.